On Wed, 22 May 2002, Peter Bieringer wrote: > for an update of an overview of my IPv6 course I ran into a > "knowlegde hole" of myself, but some looking around with Google don't > help me. > > Would be great if someone on the list is able to update me. > > How many (maintained) firewall code for *BSD is currently available? > I found > > ipfilter/ipf > http://coombs.anu.edu.au/ipfilter/ > IPv6: unknown
IPFilter has hooks for IPv6, and should be able to do it. I know that it was working in OpenBSD 2.9 (after a couple files were modified), and with some extra kernel modification, it should work in NetBSD 1.5.1. The hooks may be working in FreeBSD, but you can't really do transparent bridging with it (a limitation of the OS, not the firewall). > ipfw > URL missing? Is this extra code? IPFW is a pure FreeBSD firewall. with the KAME patches (now integrated in to FreeBSD itself) there's ip6fw. same rule syntax, just for ipv6. > pf > http://www.benzedrine.cx/pf.html > IPv6: yes definately. pf works quite well, and is very impressive for how young it is. > 2 questions: > > a) what is "ipfw" > > b) any IPv6 status of ipfilter/ipf known? i think i answered both of these above, but to just make sure. ipfw is a native freebsd firewall. http://www.freebsd.org/cgi/man.cgi?query=ipfw&apropos=0&sektion=0&manpath=FreeBSD+4.5-stable&format=html ip6fw is similar. http://www.freebsd.org/cgi/man.cgi?query=ip6fw&apropos=0&sektion=0&manpath=FreeBSD+4.5-stable&format=html to answer B, you'd have to try it. the hooks are there, it *should* work in NetBSD and FreeBSD. There's some support under OpenBSD, but it's not longer part of the "true" distrobution at http://www.openbsd.org. -------/ f. johan beisser /--------------------------------------+ http://caustic.org/~jan [EMAIL PROTECTED] "John Ashcroft is really just the reanimated corpse of J. Edgar Hoover." -- Tim Triche --------------------------------------------------------------------- The IPv6 Users Mailing List Unsubscribe by sending "unsubscribe users" to [EMAIL PROTECTED]
